Robust security is imperative for network-based systems, particularly for applications that deal with sensitive information, to prevent unauthorized agents from intercepting, corrupting or publishing sensitive data. A suitable information security system must perform with minimum disruption to users to ensure that authorized users are neither erroneously denied access nor unduly restricted in their duties.
Furthermore, security tokens have long been in use to provide additional security. The function of a security token is to authenticate either the token itself or the individual, hardware, or other entity associated with the token. Often, an authentication token will contain numerous authenticating indicia, some of which are used to authenticate the token and some of which are used for other authentication purposes.
However, a problem common to security-based systems and security authentication tokens is the vulnerability of the security functionality. Compromise of the integrity of the software or the confidentiality of the tokens results in system failures or worse abuses such as fraud. This is a major concern, since attackers using sophisticated techniques have compromised a wide variety of existing systems, resulting in the intercepting, corrupting or publishing of sensitive data. Therefore, there is a continuing need to include adequate security mechanisms to protect such systems and tokens.